Jump to content

Run binary


trancexx
 Share

Recommended Posts

Hello Trancexx (and everyone),

Sorry to bother you :-s

I'm "fighting" with my "injection" script for a few days and I can't find a solution.

I read all the post of this thread with hope, but my script still fail...

My problem is about X86 and X64.

You say your script (on the first page) works on both.

1/XP - 32 bits.

I inject "write.exe" in memory with your excellent "RunBinary.exe" (compiled on the XP-32bits platform) and it works great.

2/W7 - 64 bits.

I take the 32bits' write.exe and the 32bits' RunBinary.exe and copy them on the W7-64bits platform. Try to run my injection script and nothing happens :-(

What is wrong ?

The final goal is to inject in memory a 32bits EXE with an injection program that works on both environnment.

Thanks for your help.

Mag.

Edited by Magellan
Link to comment
Share on other sites

Hello Trancexx (and everyone),

Sorry to bother you :-s

I'm "fighting" with my "injection" script for a few days and I can't find a solution.

I read all the post of this thread with hope, but my script still fail...

My problem is about X86 and X64.

You say your script (on the first page) works on both.

1/XP - 32 bits.

I inject "write.exe" in memory with your excellent "RunBinary.exe" (compiled on the XP-32bits platform) and it works great.

2/W7 - 64 bits.

I take the 32bits' write.exe and the 32bits' RunBinary.exe and copy them on the W7-64bits platform. Try to run my injection script and nothing happens :-(

What is wrong ?

The final goal is to inject in memory a 32bits EXE with an injection program that works on both environnment.

Thanks for your help.

Mag.

You are not providing enough information.

♡♡♡

.

eMyvnE

Link to comment
Share on other sites

  • 3 weeks later...

Local $aCall = DllCall("kernel32.dll", "bool", "CreateProcessW", _
"wstr", $sExeModule, _
"wstr", $sCommandLine, _
"ptr", 0, _
"ptr", 0, _
"int", 0, _
"dword", 4, _
"ptr", 0, _
"ptr", 0, _
"ptr", DllStructGetPtr($tSTARTUPINFO), _
"ptr", DllStructGetPtr($tPROCESS_INFORMATION))

Where in the _RunBinary() function can I set the process show/hide parameters?

It seems I can't set them in this dll call...

And also, I read comments about setting the working directory but I don't exactly know how to do it, should it be some kind of dll structure or something?

Edit: lol, I need to be more observant, a solution was presented

Edited by THAT1ANONYMOUSEDUDE
Link to comment
Share on other sites

  • 1 month later...
  • 4 weeks later...

Why?

Because the answer to that question will not give the answer to your real question (that you have troubles articulating). You need to be more precise and show a bit more healthy reasoning. If you can't find answer to your questions by yourself and still have need to ask them in such a plain way then maybe you shouldn't be using the code from this thread as it clearly demands higher understanding of relevant programming elements than you actually have.

♡♡♡

.

eMyvnE

Link to comment
Share on other sites

I do a new try. I took the source code in the first topic, I select the notepad.exe on windir and it works.

I compile an autoit script with this line "MSGBOX(16,"Test","Test a program in memory.")" but I have a message "AutoIt Error. Unable to open the script file.". What is wrong?

Link to comment
Share on other sites

I compile an autoit script with this line "MSGBOX(16,"Test","Test a program in memory.")" but I have a message "AutoIt Error. Unable to open the script file.". What is wrong?

When you compile the script, load it into memory and run it in another binaries memory space, the script interpreter running from memory is trying to read the script from the image on your hard drive (i.e., the image you're attempting to impersonate.), but guess what, it's not there, herp. :D

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...